<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<?php
    require_once('mysql.php');
    if(isset($_POST['buttondn'])){
     $username = addslashes($_POST['texttaikhoan']);
     $password = md5(addslashes($_POST['textmatkhau']));
    
    $sql_query = @mysql_query("SELECT IDUser,Taikhoan,Matkhau from user where Taikhoan='{$username}'");
    $member = @mysql_fetch_array($sql_query);
    
    if(@mysql_num_rows($sql_query)<=0 ){
         print "tên truy cập không tồn tại <a href='javascript:history.go(-1)'> quay trở lại </a>";
    exit;
    }
    
    if($password != $member['Matkhau']){
         print "nhập sai mật khẩu <a href='javascript:history.go(-1)'> quay trở lại </a>";
    exit;
    }
    //session
    
    $_SESSION['user_id'] = $member['id'];
    $_SESSION['user_ten'] = $member['ten'];
    
    print "bạn đã đăng nhập với tk {$member['Matkhau']} <a href='index.php'> về trang chủ";
    exit;
    }
?>
<body>
<form id="form1" name="form1" method="post" action="">
  <table width="272" border="0">
    <tr>
      <td width="90">Tài khoản:</td>
      <td width="166"><label for="texttaikhoan"></label>
      <input type="text" name="texttaikhoan" id="texttaikhoan" /></td>
    </tr>
    <tr>
      <td>Mật khẩu:</td>
      <td><label for="textmatkhau"></label>
      <input type="password" name="textmatkhau" id="textmatkhau" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="buttondn" id="buttondn" value="đăng nhập" /></td>
    </tr>
  </table>
</form>
</body>
</html>